Resources
Links
- GitHub page where you can legally download Windows VMs, then hack your way through them via an unpatched vulnerability or by setting up vulnerable software.
- /dev/random: Sleepy uses VulnInjector; you need to provide your own ISO and key.
- Bobby: 1 uses VulnInjector; you need to provide your own ISO and key.
https://github.com/enaqx/awesome-pentest
Ubuntu pentest setup
https://www.youtube.com/watch?v=YhUiAH5SIqk&feature=youtu.be
Threat hunting Linux MITRE ATT&CK framework
https://github.com/Kirtar22/Litmus_Test/blob/master/README_first.md
Bug Bounty Tips, Cheat Sheets, and Resources
https://youtu.be/zk7BRjAyM18
https://drive.google.com/file/d/1RhFhWfrlr_Zple_3c9zwuLCU3B-56xJ7/view?usp=drivesdk
C2Hack, sharing tips and tricks for pentesters
https://github.com/G123N1NJ4/c2hack
Creating a CTF
Step 1 - CTF-Box - CTF Box Creating with Virtual Box and Windows XP
https://youtu.be/jPYtRH6zKxw
Step 2 - CTF Box - Setup Debian OS Box
https://youtu.be/rw7OjKqvMMI
Step 3 - CTF Box - Setup the Environment inside the CTF Box
https://youtu.be/_aY_zfUuODs
Step 4 - CTF Box - Deploy vulnerable web application and export created CTF box
https://youtu.be/QM24lT3f198
Step 5 - CTF Box - Export and Import CTF Box to Virtual Box
https://youtu.be/gql6rDqv6lY
Step 6 - CTF Box - Penetration Testing with File Upload vulnerability in created CTF box
https://youtu.be/uCS4nol0wvQ
Awesome Opensource
https://awesomeopensource.com/
OSCP Write-ups
https://astrosec.blogspot.com/2020/03/how-i-went-from-noob-to-oscp-in-90-days.html?m=1#more
https://medium.com/@falconspy/useful-oscp-notes-commands-d71b5eda7b02
https://github.com/six2dez/OSCP-Human-Guide
https://www.reddit.com/r/oscp/comments/ehkavd/yep_thats_me_i_bet_you_are_wondering_how_i_got/
https://veteransec.com/2018/09/10/32-bit-windows-buffer-overflows-made-easy/
https://www.youtube.com/watch?v=buSHZ4ghn78
https://medium.com/@falconspy/oscp-developing-a-methodology-32f4ab471fd6
https://scund00r.com/all/oscp/2018/02/25/passing-oscp.html
Linux Bash Shell | Automating the Host Discovery Process
https://www.youtube.com/watch?v=thasDa3Ijr4&feature=youtu.be
Personal Security Checklist
https://github.com/Lissy93/personal-security-checklist
Becoming a Penetration Tester/Hacker
https://www.reddit.com/r/hacking/comments/fc2xni/becoming_a_penetration_testerhacker/
https://jhalon.github.io/becoming-a-pentester/
Interesting Recon Script (Windows)
https://www.wilbursecurity.com/2020/02/interesting-recon-script/
Malware Analysis Video (Windows)
https://www.youtube.com/watch?v=TOof8VVjA8M&feature=youtu.be
Buffer Overflows
https://www.reddit.com/r/HowToHack/comments/e7fh1e/reverse_engineering_and_buffer_overflows_101_to/
Fully automated offensive security framework for reconnaissance and vulnerability scanning
https://github.com/j3ssie/Osmedeus
Rawsec's CyberSecurity Inventory: An inventory of tools and resources about CyberSecurity.
https://inventory.rawsec.ml/
Playing with file extensions in Windows. How to make ".exe" look like ".txt"
Let's say we have an “evil.bat”. Any capable user won’t be clicking on that!
You can use the special character “Right to Left Override” (U+202E) in the middle of the filename to hide the extension.
Type: “notevil.” Then add the special character, then for example type “cod.bat”, which is shown as tab.doc due to the Right to Left Override. The resulting filename would be displayed as Notevil.tab.doc
but it would be opened as notevil.cod.bat (try selecting the Notevil.cod.bat
Please note that Windows Defender on the latest patch on Windows 10 does notice this and flags it as a virus. Most other vendors do not.
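A defender-side check for the trick described above, as an added example that is not part of the original page: it flags file names containing bidirectional control characters and reports the extension Windows will actually act on. The function names, extension list and sample names are assumptions, and the display rendering is a simplification of the Unicode bidi algorithm.

```python
import os
import unicodedata

# Bidirectional formatting characters that can reorder how a name is displayed.
BIDI_CONTROLS = set("\u202a\u202b\u202c\u202d\u202e"   # LRE, RLE, PDF, LRO, RLO
                    "\u2066\u2067\u2068\u2069"         # LRI, RLI, FSI, PDI
                    "\u200e\u200f\u061c")              # LRM, RLM, ALM
# Assumed set of extensions Windows will run or interpret; adjust to local policy.
RISKY_EXTENSIONS = {".bat", ".cmd", ".com", ".exe", ".js", ".lnk", ".ps1", ".scr", ".vbs"}


def approximate_display(name):
    """Rough rendering: reverse each run from RLO (U+202E) to PDF (U+202C) or end."""
    out, run, in_rlo = [], [], False
    for ch in name:
        if ch == "\u202e":
            in_rlo = True
        elif ch == "\u202c" and in_rlo:
            out.extend(reversed(run))
            run, in_rlo = [], False
        elif ch in BIDI_CONTROLS:
            continue  # other controls are dropped, not emulated
        elif in_rlo:
            run.append(ch)
        else:
            out.append(ch)
    out.extend(reversed(run))
    return "".join(out)


def inspect_filename(name):
    """Return a finding for a name containing bidi controls, else None."""
    found = [ch for ch in name if ch in BIDI_CONTROLS]
    if not found:
        return None
    logical = "".join(ch for ch in name if ch not in BIDI_CONTROLS)
    real_ext = os.path.splitext(logical)[1].lower()
    return {
        "escaped": name.encode("unicode_escape").decode("ascii"),
        "controls": sorted({unicodedata.name(ch) for ch in found}),
        "apparent": approximate_display(name),
        "real_extension": real_ext,
        "risky": real_ext in RISKY_EXTENSIONS,
    }


# Constructed sample names (not from a real system); the second is the page's example.
SAMPLE_NAMES = ["report.doc", "notevil.\u202ecod.bat", "holiday\u202egpj.txt"]

def scan(names):
    """Return findings for every name that carries a bidi control character."""
    return [f for f in map(inspect_filename, names) if f]
```

Feed `scan()` the names from a directory walk or from mail-gateway attachment logs; the `escaped` field makes the hidden character visible in reports.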
Parse and convert Nessus, Nmap (and more tools) to XLSX, CSV
https://gitlab.com/0bs1d1an/sr2t
Updated Vulnhub VMs (OSCP-Like)
https://docs.google.com/spreadsheets/d/1dwSMIAPIam0PuRBkCiDI88pU3yzrqqHkDtBngUHNCw8/edit#gid=0
Useful Git repo for Kali
https://github.com/BrashEndeavours/hotwax
Kali tools help pages
https://tools.kali.org/tools-listing
Nullbyte videos
https://null-byte.wonderhowto.com/
Free iOS Reverse Engineering Course
https://github.com/ivRodriguezCA/RE-iOS-Apps
https://github.com/iosre/iOSAppReverseEngineering/blob/master/iOSAppReverseEngineering.pdf
Windows Enumeration Scripts
J.A.W.S - Just another windows script
http://github.com/PowerShellMafia/PowerSploit/blob/master/Recon/PowerView.ps1
http://github.com/PowerShellMafia/PowerSploit/blob/master/Privesc/PowerUp.ps1
http://github.com/pentestmonkey/windows-privesc-check
https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS
windows exploit suggester
Sherlock.ps1
https://www.absolomb.com/2018-01-26-Windows-Privilege-Escalation-Guide/
Red Teaming Toolkit
https://github.com/infosecn1nja/Red-Teaming-Toolkit/blob/master/README.md
Free PowerShell Master Class
https://www.youtube.com/playlist?list=PLlVtbbG169nFq_hR7FcMYg32xsSAObuq8
NFS privesc
https://www.errno.fr/nfs_privesc
Google Dorks
https://hackingpassion.com/google-dorks-an-easy-way-of-hacking/
https://github.com/BullsEye0/google_dork_list
HTB Metasploit
https://infinitelogins.com/2020/01/20/hack-the-box-write-up-devel-without-metasploit/
https://infinitelogins.com/2020/01/29/hack-the-box-write-up-arctic/
Free training
https://fedvte.usalearning.gov/
Buffer Overflow Attack Tutorial
https://www.youtube.com/watch?v=j7AEzGKuKUU
OSCP Powershell Reverse Listener
https://www.reddit.com/r/oscp/comments/exhygf/oscp_tommorow_quick_questions/
Sudo privesc script
https://github.com/TH3xACE/SUDO_KILLER
Automated Web Application Testing
https://github.com/jaeles-project/jaeles
Defeating IDS and Firewalls Video
https://singer.cloud/anecdotal/intro-to-shell-strategy/
NSA Python Course
https://techdator.net/nsas-python-programming-training-course-is-now-open-for-public-to-learn/
Pentesting Organization
https://danielmiessler.com/study/security-assessment-types/
http://www.pentest-standard.org/index.php/Main_Page
Shodan Hacking Guide
https://community.turgensec.com/shodan-pentesting-guide/
Red Team Laptop and Infrastructure
https://hackingand.coffee/2018/02/assessment-laptop-architecture/
Introduction To Modern Routing For Red Team Infrastructure - using Traefik, Metasploit, Covenant and Docker
https://khast3x.club/posts/2020-02-14-Intro-Modern-Routing-Traefik-Metasploit-Docker/
20 Tools Blue Teamers should Have
https://www.peerlyst.com/posts/top-20-tools-every-blue-teamer-should-have-in-2020-chiheb-chebbi?trk=search_page_search_result
CTFs with Nginx and Docker
https://medium.com/@_ahmadsherif/running-up-and-organizing-ctf-events-nginx-docker-481834229ba4